Define user and group rights
To configure the access permissions, select Control Panel→ Group Templates or Control Panel→ Users.
- Highlight a group template or one or more users (left arrow in illus.).
- Then select Settings→ Edit in the context menu (right arrow in illus).
Now you can make changes to the default rights settings for the selected users. By default all the settings are checked, except for Disallow local password storage, Force offline password and Allow change of domain password (General tab).
- Account directory: So long as only one user is selected you have the option, under Account directory to change the path to the directory of that user (User Storage). To do so, share a new directory and enter the path to the share here.
- Max. device count: Specify here how many devices the user is permitted to configure. The limit is a maximum of three devices per user. If the user logs in with a greater number of devices than are permitted here, access to the Cortado app will be denied.
- E-mail address: Here you can find the e-mail address of the user.
- Firstname/Lastname: The data is taken from the AD and may be added to or modified here, as required. To use Android Enterprise with Google accounts the name and surname must be provided (to create the Google accounts).
- Account enabled: By removing this checkmark, you deny the users access to the company drives via the Cortado app, the web app and the Windows app.
- Microsoft Exchange: By removing this checkmark, you deny the users the use of Microsoft Exchange, provided that in the configuration of the Exchange account on the mobile device, the name of the Cortado server, rather than the Exchange server is specified. This has the advantage that if the device is lost or stolen, the mail account of the user can be deleted on the mobile device.
- Report GPS data: This option is no longer available. Instead, use the option Enable Lost Mode under Devices.
- Allow/Disallow local password storage: Depending on whether you choose Allow or Disallow, users will have to log in each time they open the app or not.
- Force offline password (password storage disallowed): If this option is enabled, the users may not save the password for the Cortado app. Additionally, they must, even in offline mode, enter the password to gain access to the Local Drive of the Cortado app.
- Allow change of domain password: With this option enabled, the users are permitted to change their domain passwords. If it is disabled, this option is not available to your users in the User Self Service Portal.
Access rights or file options of the mobile devices (Devices)
You can make the following options available to your users for editing files (those located on the company drives they’re able to access):
A Tusted Device is a device that is recognised by the Cortado server. That is a device with native Cortado app.
Here you can set which of the Cortado app options will be made available to users. For this purpose, make sure that under Global Settings, access for the used device groups is enabled.
The following settings can be made for Trusted Devices:
Note! If you want to absolutely deny your users access to the company drives and the linked file options, clear the Display Home Drive checkbox.
- Share files as e-mail attachment: Allows the sharing of files by e-mail.
- Public links: Allows the user to create a link to the file and then share this link with internal and external users. Cortado Server automatically creates a copy of the file on the proxy server in the DMZ. The corporate network with the original file remains inaccessible from outside the company. The user can specify how long the link is to be valid for (maximum: 30 days).
- Projects: You can let your users create projects here. That allows them to share files with internal and external users in virtual data rooms (On-Premises File Sharing). The Sharing technology enables simple, secure, data-friendly file sharing – even with those outside the company. If an external recipient is addressed, Cortado server automatically creates a copy of the file on the proxy server in the DMZ. The corporate network with the original file remains inaccessible from outside the company. With External Projects you can allow users to share files externally. You can make further settings to enable Sharing under Global Settings→ Sharing.
Note! To enable files to be shared with recipients outside the organization, a special license is required for each external user.
- Delete files: Allows deleting of files on the company server (see illus.).
- Upload files: Allows the uploading of files from mobile device to the Cortado server. Please note, that if you eliminate this option for users, they can no longer save e-mails or e-mail attachments on the company server. Furthermore, the users can neither print nor fax files stored only on the mobile device. The file will first need to be uploaded onto the server.
- Download files: Allows the downloading of files from the Cortado server. If the option Force download as PDF is enabled, downloaded files will only be displayed in PDF format. Files such as .txt or .zip files, won’t be downloaded.
- Preview: Allows a preview of a file to be created (see illus.).
- Force Authentic Preview for iOS: If there is a problem displaying previews of PDF and PPT files (for instance because of their size), then Authentic Preview can be set for the users by default. Then the users no longer have to individually enable Authentic Preview on their iOS devices. This setting can’t be changed by users. Authentic Preview generates an image of the data, rather than the native preview. This will save on data volume. On the other hand, it’s no longer possible to copy anything out of the file.
- Export files: Allows exporting files in ZIP or in PDF format (see illus.).
- Fax: By removing this checkmark, you prevent the users from sending files via fax. The fax option is only available for iOS devices.
- Printing: By removing this checkmark, you prevent the users from printing files.
- Network printing: By removing this checkmark, you deny users access to the network printers (see the section Printing to network printers).
- Native Android printing: By removing this checkmark, you deny user access to the network printers in all Android apps that offer a printing option (see the section Native Android printing).
- Native iOS printing: By removing this checkmark, you deny user access to the network printers in all iOS apps that offer a printing option (see the section Native iOS printing).
- Wi-Fi printing: By removing this checkmark, you block users from searching for printers in the Wi-Fi network (see the section Wireless printing ).
- Enterprise search (iOS only): With this option, users search files in directories that have been shared in the corporate network. By removing this checkmark, you prevent users from using the enterprise search function in the Cortado app.
- Secure Net browser/Cortado sync: These options are no longer available.
Here you can set which access options your users will be allowed in the web app (web access from a PC/Mac). For this purpose, make sure that under Global Settings the web app is enabled.
The same settings can be made for Untrusted Devices as for Trusted Devices, with the exception of the functions which are not available for mobile devices::
- Native Android printing
- Native iOS printing
- Wi-Fi printing
The SecureNet browser and the Cortado Sync options are no longer available.